Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-15945

Inconsistent validation of usernames between admin-added and public signup

XMLWordPrintable

      As an administrator, try to add a user with a username such as "a+b"

      The new user will be created, but the username is stripped of the plus and so created as "a b"

      Now enable public signup, and create a new user with username "a+b". This will succeed.

      Allowing users with dodgy characters causes issues such as CONF-15920 and CONF-15921. The validation on usernames for public signup should be at least as strict as the administrative add user screen.

      Also, the UI should give a warning message, rather than silently stripping characters.

            [CONFSERVER-15945] Inconsistent validation of usernames between admin-added and public signup

            Anatoli added a comment -

            Removed the 'fix for' version as this is not going to be implemented for 3.0.1.

            Anatoli added a comment - Removed the 'fix for' version as this is not going to be implemented for 3.0.1.

            Anatoli added a comment -

            We should definitely make validation consistent, however having a strict validation does not eliminate the listed bugs as the usernames can still come from external user management (LDAP or crowd)

            Anatoli added a comment - We should definitely make validation consistent, however having a strict validation does not eliminate the listed bugs as the usernames can still come from external user management (LDAP or crowd)

              nbhawnani Niraj Bhawnani
              mhrynczak Mark Hrynczak (Inactive)
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: